Macs More Vulnerable, Spyware A Danger

Yahoo! News ^ | Tue Mar 29, 2:06 PM ET

[Swordmaker]

More FUD being published about OSX and Mac vulnerabilities... but

"...But although Gartner's Reynolds warns Mac users to take precautions, he's not convinced Symantec's more dire predictions are on the mark. "Symantec's trying to drum up Mac security business," he said.

"Any major security vulnerabilities in Mac OS X are down the road," he said. "The OS is good at keeping out attacks, and Apple has a good patching system. What I would be concerned about is directed attacks or maybe spyware..."

... shows that the headline really doesn't match the content of the article.

PINGOMG the Mac Ping List.

If you want on or off the Mac Ping list, Freepmail me.

[Swordmaker]

"... The traditional Windows-centric method of hackers to gain control is via a mass-mailed worm, but even with its increasing popularity, that's not a likely avenue of attack on the Mac.

"I don't expect to see a worm attack," Reynolds said. "The Macintosh still has far too low of a profile."

Even if, as Gartner estimates, the Mac has about a 3 percent market share, that means any Mac worm wouldn't spread 97 percent of the time. "A hybrid worm targeting both the Mac OS and Microsoft Windows could be developed, but such an attack would be difficult to orchestrate," he added.

But he doesn't say how a mass e-mailed worm would infect a Macintosh which does not allow executables to be installed without a password, or allow them to run from e-mail. For a mass emailed worm to work, it has to be installed and executed. How likely is that? Somewhere between zero and none.

[Spktyr]

On top of which, no Mac browser can be hijacked like IE on Windows can to install spyware. Won't happen. ("ActiveX? What's ActiveX?")

[zeugma]

I'm not a MAC-head, but this article screams FUD...

"It only takes one exploited weakness to cause trouble," said Gartner analyst Martin Reynolds.

As opposed to the hundreds, if not thousands of exploited weaknesses in Windows?

Show me an actual exploited system, and I'd be concerned.(if I had a MAC that is)

[Swordmaker]

Show me an actual exploited system, and I'd be concerned.(if I had a MAC that is)

Exactly... and I do have a Mac... as well as Windows boxes.

[Bush2000]

The first few lines of the article tell the story:

"Enterprises using Apple's Macintosh shouldn't smirk too much over their perceived immunity to the kind of security problems that plague Windows users, a research analyst said. "It only takes one exploited weakness to cause trouble," said Gartner analyst Martin Reynolds.

Ergo, Mac users who think they're invulnerable are drooling idiots.

[Swordmaker]

Ergo, Mac users who think they're invulnerable are drooling idiots.

Four years and were still waiting to see the first OSX Mac virus... the one you say you could easily write...

[Jeff Chandler]

Some people believe there is a relationship between the virus protection folks and the virus writing folks-tin foil hat stuff, to be sure, but if the virus protection people sense that there is money to be made on Mac users, don't be surprised to see security problems with the Mac.

[IncPen]

You know... if Bush2k actually wrote a virus and sent it to me... I swear I'd run the thing.

[af_vet_rr]

I would actually say five years, of course you could throw in NeXTSTEP as well. Hard to take it serious when it hasn't happened yet, all the while any programmer that wants to create exploits knows that whoever does it first for OS X will gain a lot of fame.

Regardless, the "the sky is falling" crowd are trying to basically pimp security products (i.e. Symantec, now that they are facing a lot of competition in the Windows/PC market, are trying to hold onto areas where they are still competitive).

This article is a lot more balanced than most other articles along this line.

[antiRepublicrat]

Ergo, Mac users who think they're invulnerable are drooling idiots.

Any computer user who thinks he's invulnerable is a drooling idiot. However, many can rest assured that their platform is relatively more secure than many others on the market.

[Swordmaker]

... if the virus protection people sense that there is money to be made on Mac users, don't be surprised to see security problems with the Mac.

There are 14,000,000 OSX users out there...

Most anti-virus companies sell their services for about $30 a year. If even half of the OSX Mac users bought their products that's a $210,000,000 market.

Four years and still waiting for the first malware.

[zeugma]

Show me specifically where someone on this forum has said that Macs were "invulnerable".

Everyone uses weasel words when discussing this stuff because anyone with a brain knows that no software is perfect.

And, as I said before, an actual working virus would be even more effective.

In the past year there has been a demonstrated attack against a hardware firewall product that had just 50k potential victims on the internet, yet it took less than 24 hours to compromise the entire vulnerable and exposed population.

Surely even Macs are a bigger population than that. If these systems were as easy to compromise as these anti-virus shills claim, we'd see something.

[general_re]

On top of which, no Mac browser can be hijacked like IE on Windows can to install spyware.

Not true - there are XPI-based exploits for Moz/Firefox. Still relatively rare, and the browser defaults are tighter now than they used to be to help prevent them, but they do exist.

[Bush2000]

Four years and were still waiting to see the first OSX Mac virus... the one you say you could easily write...

I could easily create a Mac virus. But the fact of the matter is that I'd get sued into oblivion for even talking about it -- so it just isn't worth the time and trouble.

[Bush2000]

Show me specifically where someone on this forum has said that Macs were "invulnerable".

LMFAO! The Mac Moonies don't have to say invulnerable. It's implicit in their posts...

#2: "More FUD being published about OSX and Mac vulnerabilities..."

#4: "On top of which, no Mac browser can be hijacked like IE on Windows can to install spyware. Won't happen. ("ActiveX? What's ActiveX?")"

#5: "Show me an actual exploited system, and I'd be concerned.(if I had a MAC that is) "

#8: "Four years and were still waiting to see the first OSX Mac virus..."

#11: "Hard to take it serious when it hasn't happened yet..."

The implication is clear. The maroons think that OS X is invulnerable.

[jdm]

"if Bush2k actually wrote a virus and sent it to me... I swear I'd run the thing."

So would I -- where is the exe?

[Swordmaker]

I could easily create a Mac virus. But the fact of the matter is that I'd get sued into oblivion for even talking about it -- so it just isn't worth the time and trouble.

Words, words, words. Talk is cheap and you can't get sued for merely talking about it.

[Swordmaker]

#2: "More FUD being published about OSX and Mac vulnerabilities..."

You infer what is not being implied... poor form, Bush. The above statement is true... the article is spreading FUD without any proof... merely their unsupported assertions.

#4: "On top of which, no Mac browser can be hijacked like IE on Windows can to install spyware. Won't happen. ("ActiveX? What's ActiveX?")"

Another true statement as of this time. Please provide an example of a Mac browser that can be hijacked like IE. It also does not imply what you infer... it makes a statement of current fact.

#5: "Show me an actual exploited system, and I'd be concerned.(if I had a MAC that is) "

That's a challenge, Bush. Show him one.

#8: "Four years and were still waiting to see the first OSX Mac virus..."

That is also true... and implies only that it has not yet occurred... and we are STILL waiting.

#11: "Hard to take it serious when it hasn't happened yet..."

It hasn't happened yet... and despite all of your past claims that it is only a matter of time, it still hasn't happened.

... Mac Moonies... maroons...

When you can't argue facts, attack the other side. Argumentum Ad Hominem is a logical fallacy, Bush. Smearing your opponents only reflects badly on you.